Ransomware victim disclosure
← All victimsAvianor
listed as www.avianor.com · Claimed by NoEscape · listed 3 years ago
Status timeline
- ListedNov 8, 2023
- Data leakeddate unknown
At a glance
- Group
- NoEscape
- Status
- Data leaked
- Country
- Canada
- Sector
- Defense & Aerospace
- Listed on leak site
- Nov 8, 2023
About the victim
AI dossier — public-source company profileAvianor is a Canadian aerospace company with over 30 years of experience specializing in commercial and military aircraft maintenance (MRO), airframe heavy maintenance checks, aircraft completions, and customizable interior solutions. The company operates an A220 Center of Excellence described as unrivalled in North America and serves airlines, lessors, integrators, and OEMs. It employs more than 465 skilled experts and holds certifications from airworthiness authorities including TCCA, FAA, and EASA.
- Industry
- Aerospace MRO & Aircraft Interior Solutions
- Employees
- 465
Attack summary
Severity: critical — Avianor performs maintenance on both commercial and military aircraft and holds sensitive engineering, airworthiness, and defense-related data. Data has been published (confirmed exfiltration), and the involvement of military aircraft programs elevates this to critical given the potential exposure of defense-sensitive and regulated aerospace data.The NoEscape ransomware group claims to have attacked Avianor and has reached the data_published stage, indicating exfiltration and publication of stolen data. No specific ransom amount or data volume was stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Business documents
- Engineering and program management data
- Customer/client records
- Airworthiness certification documentation
- Employee records
- Military aircraft maintenance data
Sources
- Victim siteavianor.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

